All this time I thought WinDef was adequate to protect my PC and was happily pirating repacks and unofficial links off F95.
It will work against "cookie-cutter" attempts. Keep in mind that for any AV to detect malware of any kind, the makers of the protection software must know it exists, and the details of its implementation.
Often the malware is just partially rewritten older stuff, so that'll likely get flagged. Brand new exploits or methods, though, may not at all. Even before Intel made it perfectly possible to completely bypass any OS-based security, but that's state-affiliated actor level of competency, so at least for now unlikely to make its way down the chain.
Just like the CIA toolset was restricted solely to their us- oh, wait /s
Is there any way to detect/resolve potential malware threats without junking my entire hard drive?
Not unless you're able to do a security audit on your own. The only way to completely avoid potential infections is not to run anything of ultimately unknown origin.
My personal approach is toward mitigating the risk. As I mentioned, the chance of running into some malware on F95 is pretty small. Especially the kind that won't show any unexpected activity, much less bypass any decent AV. Any malicious actor with the skills to pull it off without getting red-flagged will likely not bother with such a relatively inconsequential audience, when they can just "repack" some extremely popular new game release and get several orders of magnitude higher infection rate.
So.... basically, pirate responsibly? Heh.
One thing I'd definitely recommend is setting up a dual boot system with some flavor of Unix for "personal use." Windows is still, by far, the most popular OS on the planet, therefore the most targeted. It's not like you can't write a rootkit that can affect multiple OS types, but as far as I'm aware that's not very common to start with.
That way you can introduce at least some obstruction between your "I don't know what I'm running" gaming system and the one you're doing your banking or even mail checking on.
And what do you reckon are my vulnerabilities if I do have these on my system? I don't keep my passwords stored on this, but I do some banking from time to time on this computer, and everything was set up to 2FA.
Depends on what, if anything, is installed. There's a difference between "remote control" hijack that is generally a one-off, and a botnet node access that will try to obscure itself with low resource use (and might not even care about your personal data at all), or a professional bitcoin miner that will mask as Microsoft's BITS traffic or whatnot.
Now that I think about it, there was an unusually high number of sign-in attempts on my main e-mail that I noticed occurring from foreign IP addresses, namely Russian, Chinese, and American, so I'm assuming I'm already compromised to some degree.
Could be just general random internet noise. Lots of script kiddies around trying to bruteforce mailboxes with some script they downloaded from someone else just to show how 1337 they are /s
Someone with access to your system would already get the password, and have access to the 2FA e-mail account to confirm "new IP" login.
The best thing you can do is to commit some time on a regular basis to slowly learning the basics. I'd suggest starting with ways of auditing your network traffic, since that's pretty easy to do (learn how to log with your firewall of choice, look into Wireshark).
Learning never hurts, though in this case it might make you overly paranoid (or so they tell me - it's not paranoia when THEY are out to get you!!1!one! ). And, if you find it interesting enough to turn into a professional career, there's a LOT of money in it from a purely whitehat approach, as well.
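
As a starting point for the firewall-log auditing suggested above, here is an added example (not part of the original post) that summarizes which outside hosts a machine talked to. It assumes the log layout Windows Defender Firewall writes to pfirewall.log once logging is enabled; the sample lines are constructed and the function names are made up for this sketch.

```python
import ipaddress
from collections import Counter

# Constructed sample log; the addresses come from documentation ranges.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2024-05-01 21:14:02 ALLOW TCP 192.168.1.20 203.0.113.7 50112 443 0 - 0 0 0 - - - SEND
2024-05-01 21:14:05 ALLOW UDP 192.168.1.20 192.168.1.1 53011 53 0 - - - - - - - SEND
2024-05-01 21:15:02 ALLOW TCP 192.168.1.20 198.51.100.23 50120 8443 0 - 0 0 0 - - - SEND
2024-05-01 21:16:02 ALLOW TCP 192.168.1.20 198.51.100.23 50121 8443 0 - 0 0 0 - - - SEND
2024-05-01 21:17:02 ALLOW TCP 192.168.1.20 198.51.100.23 50125 8443 0 - 0 0 0 - - - SEND
2024-05-01 21:17:30 DROP TCP 198.51.100.99 192.168.1.20 44321 3389 0 - 0 0 0 - - - RECEIVE
"""

# Destinations on the home network, loopback, link-local or multicast are ignored.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "224.0.0.0/4")]

def parse(text):
    """Yield one dict per record, using the #Fields header for column names."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            parts = line.split()
            if len(parts) == len(fields):  # skip truncated lines
                yield dict(zip(fields, parts))

def is_local(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in LOCAL_NETS)

def outbound_summary(text):
    """Count allowed outbound connections per (destination, protocol, port)."""
    counts = Counter()
    for rec in parse(text):
        if rec["action"] == "ALLOW" and rec["path"] == "SEND" and not is_local(rec["dst-ip"]):
            counts[(rec["dst-ip"], rec["protocol"], rec["dst-port"])] += 1
    return counts.most_common()

if __name__ == "__main__":
    for (dst, proto, port), n in outbound_summary(SAMPLE_LOG):
        print(f"{n:4d}  {proto} {dst}:{port}")
```

A destination that keeps showing up on an unusual port while nothing you recognize is running is the kind of entry worth looking at more closely in Wireshark.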